Bug 1519857 - Enter the script's realm in DecompileAtPCForStackDump. r=arai
authorJan de Mooij <jdemooij@mozilla.com>
Tue, 15 Jan 2019 10:03:42 +0000
changeset 513899 a8031a63f5971d5caff0f6874447211dd55c40e0
parent 513898 fc12f3d8c2d7163730fe829ace5e366424f66d09
child 513900 4234a4516c4526b942e635e825a259206287ac7f
push id1953
push userffxbld-merge
push dateMon, 11 Mar 2019 12:10:20 +0000
treeherdermozilla-release@9c35dcbaa899 [default view] [failures only]
reviewersarai
bugs1519857
milestone66.0a1
Bug 1519857 - Enter the script's realm in DecompileAtPCForStackDump. r=arai Differential Revision: https://phabricator.services.mozilla.com/D16531
js/src/jit-test/tests/realms/bug1519857.js
js/src/vm/BytecodeUtil.cpp
new file mode 100644
--- /dev/null
+++ b/js/src/jit-test/tests/realms/bug1519857.js
@@ -0,0 +1,4 @@
+// |jit-test| skip-if: !("dis" in this)
+const g = newGlobal({sameCompartmentAs: this});
+g.eval(`function f() { y(); }`);
+dis(g.f);
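Review bot: The test carries only the `skip-if` directive and no statement of what it guards, so a failure here gives no hint of the invariant being checked. A one-line header such as `// dis() on a function from a same-compartment realm must not trip the expression decompiler's realm assertion.` would tie it to the fix in BytecodeUtil.cpp. `f` is only disassembled and never called, so the undefined `y` looks intentional; the same comment could say so.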
--- a/js/src/vm/BytecodeUtil.cpp
+++ b/js/src/vm/BytecodeUtil.cpp
@@ -2177,16 +2177,19 @@ UniqueChars ExpressionDecompiler::getOut
 }
 
 }  // anonymous namespace
 
 #if defined(DEBUG) || defined(JS_JITSPEW)
 static bool DecompileAtPCForStackDump(
     JSContext* cx, HandleScript script,
     const OffsetAndDefIndex& offsetAndDefIndex, Sprinter* sp) {
+  // The expression decompiler asserts the script is in the current realm.
+  AutoRealm ar(cx, script);
+
   LifoAllocScope allocScope(&cx->tempLifoAlloc());
   BytecodeParser parser(cx, allocScope.alloc(), script);
   parser.setStackDump();
   if (!parser.parse()) {
     return false;
   }
 
   ExpressionDecompiler ed(cx, script, parser);
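Review bot: The comment above `AutoRealm ar(cx, script);` states the decompiler's assertion but not how `cx` ends up in a different realm from `script`, which is what a later reader needs to know before touching the guard. The accompanying test suggests the case is a script belonging to another realm of the same compartment, so I would word it as `// The caller's realm can differ from the script's (e.g. a same-compartment global); the expression decompiler asserts the script is in the current realm, so enter it here.` The function sits under `#if defined(DEBUG) || defined(JS_JITSPEW)` and its body continues past the end of this hunk. Whether other code that constructs an `ExpressionDecompiler` needs the same guard cannot be judged from here and is worth confirming.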